CVE-2016-8863

Heap-based buffer overflow in the createurllist function in gena/gena_device.c in Portable UPnP SDK (aka libupnp) before 1.6.21 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a valid URI followed by an invalid one in the CALLBACK header of an SUBSCRIBE request.

Database specific

{
    "unresolved_ranges": [
        {
            "cpes": [
                "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "last_affected": "8.0"
                }
            ],
            "source": "CPE_FIELD",
            "vendor_product": "debian:debian_linux"
        }
    ]
}

References

Affected packages

Git / github.com/pupnp/pupnp

Affected ranges

Type

GIT

Repo

https://github.com/pupnp/pupnp

Events

Introduced

Last affected

019095d79f8c7227f53ad11ac2013fb9b8d3dd94

Database specific

{
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.6.20"
        }
    ],
    "source": "CPE_FIELD",
    "cpe": "cpe:2.3:a:libupnp_project:libupnp:*:*:*:*:*:*:*:*"
}

Affected versions

last_svn_1.*

last_svn_1.6.x

release-1.*

release-1.6.10

release-1.6.11

release-1.6.12

release-1.6.13

release-1.6.14

release-1.6.15

release-1.6.16

release-1.6.17

release-1.6.18

release-1.6.19

release-1.6.20

release-1.6.7

release-1.6.8

release-1.6.9

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-8863.json"